﻿<%@ Page Title="Security" Language="C#" MasterPageFile="~/Site.Master" AutoEventWireup="true" CodeBehind="Security.aspx.cs" Inherits="Testify.Tools.Security" %>
<asp:Content ID="Content1" ContentPlaceHolderID="HeadContent" runat="server">
</asp:Content>
<asp:Content ID="Content2" ContentPlaceHolderID="MainContent" runat="server">
<div class="container">
    <asp:SqlDataSource ID="sqlSecurity" runat="server" 
                       ConnectionString="<%$ ConnectionStrings:Singularity %>"
                       ProviderName="<%$ ConnectionStrings:Singularity.ProviderName %>" 
                       SelectCommand="SELECT page_name, security.permission_level, security_id, user_type_title
                                        FROM singularity.security, singularity.user_type
                                       WHERE page_name is not NULL
                                         AND user_type.permission_level = security.permission_level
                                         AND security.permission_level &lt;= :UserPermission
                                       ORDER BY page_name"
                       DeleteCommand="DELETE singularity.security
                                       WHERE security_id = :security_id"
                       UpdateCommand=" " OnUpdating="update" 
                       InsertCommand="SECURITIES.createPagePermissions" 
                       InsertCommandType="StoredProcedure">
                         
        <DeleteParameters>
            <asp:ControlParameter ControlID="gdvSecurity" PropertyName="SelectedValue" Name="security_id" />
        </DeleteParameters>
        <SelectParameters>
           <asp:SessionParameter DefaultValue="0" Name="UserPermission" SessionField="UserPermission" />
        </SelectParameters>
        <UpdateParameters>
            <asp:ControlParameter ControlID="gdvSecurity" Name="security_id" PropertyName="SelectedValue" DefaultValue="" DbType="String" />
            <asp:ControlParameter ControlID="gdvSecurity" Name="PERMISSION_LEVEL" PropertyName="SelectedValue" DbType="String" />
            <asp:ControlParameter ControlID="gdvSecurity" PropertyName="SelectedValue" DbType="String" DefaultValue="" Name="page_name" />
            <asp:ControlParameter ControlID="gdvSecurity" PropertyName="SelectedValue" DbType="String" Name="PERMISSION_LEVEL" />
            <asp:ControlParameter ControlID="gdvSecurity" PropertyName="SelectedValue" DbType="String" DefaultValue="" Name="page_name" />
            <asp:ControlParameter ControlID="gdvSecurity" PropertyName="SelectedValue" DbType="String" Name="PERMISSION_LEVEL" />
        </UpdateParameters>
        <InsertParameters>
            <asp:ControlParameter ControlID="gdvSecurity" Name="page_name" PropertyName="SelectedValue" DefaultValue="" DbType="String" />
            <asp:ControlParameter ControlID="gdvSecurity" Name="PERMISSION_LEVEL" PropertyName="SelectedValue" DbType="String" />
        </InsertParameters>
    </asp:SqlDataSource>

    <asp:SqlDataSource ID="sqlUserType" runat="server" 
                       ConnectionString="<%$ ConnectionStrings:Singularity %>" 
                       ProviderName="<%$ ConnectionStrings:Singularity.ProviderName %>"
                       SelectCommand="SELECT user_type_id, user_type_title, permission_level
                                        FROM singularity.user_type
                                       WHERE permission_level &lt;= :UserPermission
                                       ORDER BY permission_level" >

       <SelectParameters>
          <asp:SessionParameter DefaultValue="0" Name="UserPermission" SessionField="UserPermission" />
       </SelectParameters>
    </asp:SqlDataSource>

    <asp:GridView ID="gdvSecurity" runat="server"
                  DataSourceID="sqlSecurity"
                  AutoGenerateColumns="False" DataKeyNames="security_id"
                  GridLines="Vertical"          AllowSorting="True" BorderStyle="None"
                  ForeColor="#333333"           CellPadding="3" 
                  AllowPaging="false"            PageSize="10"
                  HorizontalAlign="center"      Font-Size="smaller"
                  ShowFooter="true"> 
        <Columns>
   
            <asp:TemplateField ShowHeader="False">
                <HeaderTemplate>
                   <asp:ImageButton ID="btnShowInsert" SkinID="addButton" Text="New" OnClick="btnShowInsert_onClick" runat="server" />
			       </HeaderTemplate>
			       <ItemStyle Width="60px" HorizontalAlign="center"/>
                <ItemTemplate>
                    <asp:ImageButton ID="lnkEdit" SkinID="editButton" runat="server" CausesValidation="False" CommandName="Edit" Text="Edit" />
                    <asp:ImageButton ID="lnkDelete" SkinID="deleteButton" runat="server" CausesValidation="False" CommandName="Delete" Text="Delete" Visible="true" />
                    <asp:ConfirmButtonExtender ID="ConfirmButtonExtender1" runat="server" TargetControlID="lnkDelete" ConfirmText="Are you sure you want to delete this page?" />
                </ItemTemplate>
                <EditItemTemplate>
                    <asp:LinkButton ID="lnkUpdate" runat="server" CausesValidation="False" CommandName="Update" Text="Update"/>
                    <asp:LinkButton ID="lnkCancel" runat="server" CausesValidation="False" CommandName="Cancel" Text="Cancel"/>
                </EditItemTemplate>
		          <FooterTemplate>
                   <asp:ImageButton ID="btnShowInsertFoot" SkinID="addButton" Text="New" OnClick="btnShowInsert_onClick" runat="server" />
			          <asp:LinkButton ID="btnInsert"       ForeColor="white" Text="Insert" OnClick="btnInsert_onClick"       ValidationGroup="valInsert" runat="server" Visible="false" />
			          <asp:LinkButton ID="btnCancelInsert" ForeColor="white" Text="Cancel" OnClick="btnCancelInsert_onClick" ValidationGroup="valCancel" runat="server" Visible="false" />
		          </FooterTemplate>
            </asp:TemplateField>
            
            <asp:TemplateField headertext="Page Name" SortExpression="page_name">
                <ItemStyle Wrap="false" />
                <ItemTemplate>
                    <asp:Label ID="Label2" runat="server" Text='<%# Eval("page_name") %>' />
                </ItemTemplate>
                <EditItemTemplate>
                    <asp:Label ID="lblName" runat="server" Text='<%# Eval("page_name") %>'/>
                </EditItemTemplate>
                <FooterTemplate>
                    <asp:TextBox ID="txtNewName" runat="server" MaxLength="50" Width="200px" Text='<%# Bind("page_name") %>' Visible="false" />
                </FooterTemplate>
            </asp:TemplateField>
            
            <asp:TemplateField HeaderText="Permission Level" SortExpression="PERMISSION_LEVEL,page_name">
                <ItemTemplate>
                    <asp:Label ID="lblPermission" runat="server" Text='<%# Bind("user_type_title") %>'/>
                </ItemTemplate>
                <EditItemTemplate>
                    <asp:DropDownList ID="ddlUserType" runat="server" DataSourceID="sqlUserType" DataTextField="user_type_title" DataValueField="PERMISSION_LEVEL" SelectedValue='<%# Bind("PERMISSION_LEVEL") %>' />
                </EditItemTemplate>
                <FooterTemplate>
                    <asp:DropDownList ID="ddlNewUserType" runat="server" DataSourceID="sqlUserType" DataTextField="user_type_title" DataValueField="PERMISSION_LEVEL" SelectedValue='<%# Bind("PERMISSION_LEVEL") %>' Visible="false" />
                </FooterTemplate>
            </asp:TemplateField>

        </Columns>
    </asp:GridView>

</div>
</asp:Content>
